@sectester/scan 0.37.2 → 0.39.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/README.md +11 -13
  2. package/package.json +1 -1
  3. package/src/ScanSettings.d.ts +5 -3
  4. package/src/ScanSettings.js +34 -15
  5. package/src/ScanSettings.js.map +1 -1
  6. package/src/models/ScanConfig.d.ts +1 -2
  7. package/src/models/index.d.ts +0 -1
  8. package/src/models/index.js +0 -1
  9. package/src/models/index.js.map +1 -1
  10. package/src/target/Target.d.ts +1 -0
  11. package/src/target/Target.js +7 -0
  12. package/src/target/Target.js.map +1 -1
  13. package/src/models/TestType.d.ts +0 -45
  14. package/src/models/TestType.js +0 -50
  15. package/src/models/TestType.js.map +0 -1
package/README.md CHANGED
@@ -42,26 +42,24 @@ const target = new Target({
42
42
  The factory exposes the `createScan` method that returns a new [Scan instance](#managing-a-scan):
43
43
 
44
44
  ```ts
45
- import { TestType } from '@sectester/scan';
46
-
47
45
  const scan = await scanFactory.createScan({
48
46
  target,
49
- tests: [TestType.INSECURE_OUTPUT_HANDLING]
47
+ tests: ['insecure_output_handling']
50
48
  });
51
49
  ```
52
50
 
53
51
  Below you will find a list of parameters that can be used to configure a `Scan`:
54
52
 
55
- | Option | Description |
56
- | ---------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
57
- | `target` | The target that will be attacked. For details, see [here](#defining-a-target-for-attack). |
58
- | `tests` | The list of tests to be performed against the target application. [Learn more about tests](https://docs.brightsec.com/docs/vulnerability-guide) |
59
- | `repeaterId` | Connects the scan to a Repeater agent, which provides secure access to local networks. |
60
- | `smart` | Minimize scan time by using automatic smart decisions regarding parameter skipping, detection phases, etc. Enabled by default. |
61
- | `skipStaticParams` | Use an advanced algorithm to automatically determine if a parameter has any effect on the target system's behavior when changed, and skip testing such static parameters. Enabled by default. |
62
- | `poolSize` | Sets the maximum concurrent requests for the scan, to control the load on your server. By default, `10`. |
63
- | `attackParamLocations` | Defines which part of the request to attack. By default, `body`, `query`, and `fragment`. |
64
- | `name` | The scan name. The method and hostname by default, e.g. `GET /users/1`. |
53
+ | Option | Description |
54
+ | ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
55
+ | `target` | The target that will be attacked. For details, see [here](#defining-a-target-for-attack). |
56
+ | `tests` | The list of tests to be performed against the target application. To retrieve the complete list, send a request to the [API](https://app.brightsec.com/api/v1/scans/tests). [Learn more about tests](https://docs.brightsec.com/docs/vulnerability-guide). |
57
+ | `repeaterId` | Connects the scan to a Repeater agent, which provides secure access to local networks. |
58
+ | `smart` | Minimize scan time by using automatic smart decisions regarding parameter skipping, detection phases, etc. Enabled by default. |
59
+ | `skipStaticParams` | Use an advanced algorithm to automatically determine if a parameter has any effect on the target system's behavior when changed, and skip testing such static parameters. Enabled by default. |
60
+ | `poolSize` | Sets the maximum concurrent requests for the scan, to control the load on your server. By default, `10`. |
61
+ | `attackParamLocations` | Defines which part of the request to attack. By default, `body`, `query`, and `fragment`. |
62
+ | `name` | The scan name. The method and hostname by default, e.g. `GET /users/1`. |
65
63
 
66
64
  ### Defining a target for attack
67
65
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sectester/scan",
3
- "version": "0.37.2",
3
+ "version": "0.39.0",
4
4
  "description": "The package defines a simple public API to manage scans and their expectations.",
5
5
  "repository": {
6
6
  "type": "git",
package/src/ScanSettings.d.ts CHANGED
@@ -1,7 +1,7 @@
1
- import { AttackParamLocation, TestType } from './models';
1
+ import { AttackParamLocation } from './models';
2
2
  import { Target, TargetOptions } from './target';
3
3
  export interface ScanSettingsOptions {
4
- tests: TestType[];
4
+ tests: string[];
5
5
  target: Target | TargetOptions;
6
6
  name?: string;
7
7
  repeaterId?: string;
@@ -30,10 +30,12 @@ export declare class ScanSettings implements ScanSettingsOptions {
30
30
  get poolSize(): number;
31
31
  private set poolSize(value);
32
32
  private _tests;
33
- get tests(): TestType[];
33
+ get tests(): string[];
34
34
  private set tests(value);
35
35
  private _attackParamLocations;
36
36
  get attackParamLocations(): AttackParamLocation[];
37
37
  private set attackParamLocations(value);
38
38
  constructor({ name, tests, target, repeaterId, smart, poolSize, skipStaticParams, attackParamLocations }: ScanSettingsOptions);
39
+ private resolveAttackParamLocations;
40
+ private detectAttackParamLocations;
39
41
  }
package/src/ScanSettings.js CHANGED
@@ -51,12 +51,9 @@ class ScanSettings {
51
51
  return this._tests;
52
52
  }
53
53
  set tests(value) {
54
- if (!(0, core_1.contains)(models_1.TestType, value)) {
55
- throw new Error('Unknown test type supplied.');
56
- }
57
54
  const uniqueTestTypes = new Set(value);
58
55
  if (uniqueTestTypes.size < 1) {
59
- throw new Error('Please provide a least one test.');
56
+ throw new Error('Please provide at least one test.');
60
57
  }
61
58
  this._tests = [...uniqueTestTypes];
62
59
  }
@@ -67,18 +64,9 @@ class ScanSettings {
67
64
  if (!(0, core_1.contains)(models_1.AttackParamLocation, value)) {
68
65
  throw new Error('Unknown attack param location supplied.');
69
66
  }
70
- const uniqueAttackParamLocations = new Set(value);
71
- if (uniqueAttackParamLocations.size < 1) {
72
- throw new Error('Please provide a least one attack parameter location.');
73
- }
74
- this._attackParamLocations = [...uniqueAttackParamLocations];
67
+ this._attackParamLocations = this.resolveAttackParamLocations(value);
75
68
  }
76
- constructor({ name, tests, target, repeaterId, smart = true, poolSize = 10, skipStaticParams = true, attackParamLocations = [
77
- models_1.AttackParamLocation.BODY,
78
- models_1.AttackParamLocation.QUERY,
79
- models_1.AttackParamLocation.FRAGMENT
80
- ] }) {
81
- this.attackParamLocations = attackParamLocations;
69
+ constructor({ name, tests, target, repeaterId, smart = true, poolSize = 10, skipStaticParams = true, attackParamLocations = [] }) {
82
70
  this.target = target;
83
71
  const { method, parsedURL } = this.target;
84
72
  this.name = name || (0, core_1.truncate)(`${method} ${parsedURL.pathname}`, 200);
@@ -87,6 +75,37 @@ class ScanSettings {
87
75
  this.skipStaticParams = skipStaticParams;
88
76
  this.smart = smart;
89
77
  this.tests = tests;
78
+ this.attackParamLocations = attackParamLocations;
79
+ }
80
+ resolveAttackParamLocations(providedLocations) {
81
+ if (providedLocations.length > 0) {
82
+ return [...new Set(providedLocations)];
83
+ }
84
+ const detectedLocations = this.detectAttackParamLocations();
85
+ // Use default locations if none detected
86
+ return detectedLocations.length > 0
87
+ ? detectedLocations
88
+ : [
89
+ models_1.AttackParamLocation.BODY,
90
+ models_1.AttackParamLocation.QUERY,
91
+ models_1.AttackParamLocation.FRAGMENT
92
+ ];
93
+ }
94
+ detectAttackParamLocations() {
95
+ const locations = [];
96
+ const hasBody = this.target.body !== undefined &&
97
+ this.target.method !== models_1.HttpMethod.GET &&
98
+ this.target.method !== models_1.HttpMethod.HEAD;
99
+ if (hasBody) {
100
+ locations.push(models_1.AttackParamLocation.BODY);
101
+ }
102
+ if (this.target.query) {
103
+ locations.push(models_1.AttackParamLocation.QUERY);
104
+ }
105
+ if (this.target.fragment) {
106
+ locations.push(models_1.AttackParamLocation.FRAGMENT);
107
+ }
108
+ return locations;
90
109
  }
91
110
  }
92
111
  exports.ScanSettings = ScanSettings;
package/src/ScanSettings.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ScanSettings.js","sourceRoot":"","sources":["../../../../packages/scan/src/ScanSettings.ts"],"names":[],"mappings":";;;AAAA,qCAAyD;AACzD,qCAAiD;AACjD,0CAAsE;AAqBtE,MAAa,YAAY;IAGvB,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,IAAY,IAAI,CAAC,KAAa;QAC5B,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAID,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAY,UAAU,CAAC,KAAK;QAC1B,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;IAC3B,CAAC;IAID,IAAI,gBAAgB;QAClB,OAAO,IAAI,CAAC,iBAAiB,CAAC;IAChC,CAAC;IAED,IAAY,gBAAgB,CAAC,KAAc;QACzC,IAAI,CAAC,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC;IACnC,CAAC;IAID,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,IAAI,KAAK,CAAC,KAAc;QACtB,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC;IACxB,CAAC;IAID,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED,IAAY,MAAM,CAAC,KAA6B;QAC9C,IAAI,CAAC,OAAO,GAAG,IAAI,eAAM,CAAC,KAAK,CAAC,CAAC;IACnC,CAAC;IAID,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,IAAY,QAAQ,CAAC,KAAa;QAChC,IAAI,CAAC,IAAA,sBAAe,EAAC,KAAK,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACxC,CAAC;QAED,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IACzB,CAAC;IAID,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,IAAY,KAAK,CAAC,KAAiB;QACjC,IAAI,CAAC,IAAA,eAAQ,EAAC,iBAAQ,EAAE,KAAK,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,eAAe,GAAG,IAAI,GAAG,CAAW,KAAK,CAAC,CAAC;QAEjD,IAAI,eAAe,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,CAAC,GAAG,eAAe,CAAC,CAAC;IACrC,CAAC;IAID,IAAI,oBAAoB;QACtB,OAAO,IAAI,CAAC,qBAAqB,CAAC;IACpC,CAAC;IAED,IAAY,oBAAoB,CAAC,KAA4B;QAC3D,IAAI,CAAC,IAAA,eAAQ,EAAC,4BAAmB,EAAE,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,MAAM,0BAA0B,GAAG,IAAI,GAAG,CAAsB,KAAK,CAAC,CAAC;QAEvE,IAAI,0BAA0B,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QAC3E,CAAC;QAED,IAAI,CAAC,qBAAqB,GAAG,CAAC,GAAG,0BAA0B,CAAC,CAAC;IAC/D,CAAC;IAED,YAAY,EACV,IAAI,EACJ,KAAK,EACL,MAAM,EACN,UAAU,EACV,KAAK,GAAG,IAAI,EACZ,QAAQ,GAAG,EAAE,EACb,gBAAgB,GAAG,IAAI,EACvB,oBAAoB,GAAG;QACrB,4BAAmB,CAAC,IAAI;QACxB,4BAAmB,CAAC,KAAK;QACzB,4BAAmB,CAAC,QAAQ;KAC7B,EACmB;QACpB,IAAI,CAAC,oBAAoB,GAAG,oBAAoB,CAAC;QACjD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC;QAC1C,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,IAAA,eAAQ,EAAC,GAAG,MAAM,IAAI,SAAS,CAAC,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC;QACrE,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;QACzC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AApID,oCAoIC"}
1
+ {"version":3,"file":"ScanSettings.js","sourceRoot":"","sources":["../../../../packages/scan/src/ScanSettings.ts"],"names":[],"mappings":";;;AAAA,qCAA2D;AAC3D,qCAAiD;AACjD,0CAAsE;AAqBtE,MAAa,YAAY;IAGvB,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,IAAY,IAAI,CAAC,KAAa;QAC5B,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAID,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAY,UAAU,CAAC,KAAK;QAC1B,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;IAC3B,CAAC;IAID,IAAI,gBAAgB;QAClB,OAAO,IAAI,CAAC,iBAAiB,CAAC;IAChC,CAAC;IAED,IAAY,gBAAgB,CAAC,KAAc;QACzC,IAAI,CAAC,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC;IACnC,CAAC;IAID,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,IAAI,KAAK,CAAC,KAAc;QACtB,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC;IACxB,CAAC;IAID,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED,IAAY,MAAM,CAAC,KAA6B;QAC9C,IAAI,CAAC,OAAO,GAAG,IAAI,eAAM,CAAC,KAAK,CAAC,CAAC;IACnC,CAAC;IAID,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED,IAAY,QAAQ,CAAC,KAAa;QAChC,IAAI,CAAC,IAAA,sBAAe,EAAC,KAAK,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACxC,CAAC;QAED,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IACzB,CAAC;IAID,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,IAAY,KAAK,CAAC,KAAe;QAC/B,MAAM,eAAe,GAAG,IAAI,GAAG,CAAS,KAAK,CAAC,CAAC;QAE/C,IAAI,eAAe,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,CAAC,GAAG,eAAe,CAAC,CAAC;IACrC,CAAC;IAID,IAAI,oBAAoB;QACtB,OAAO,IAAI,CAAC,qBAAqB,CAAC;IACpC,CAAC;IAED,IAAY,oBAAoB,CAAC,KAA4B;QAC3D,IAAI,CAAC,IAAA,eAAQ,EAAC,4BAAmB,EAAE,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC,qBAAqB,GAAG,IAAI,CAAC,2BAA2B,CAAC,KAAK,CAAC,CAAC;IACvE,CAAC;IAED,YAAY,EACV,IAAI,EACJ,KAAK,EACL,MAAM,EACN,UAAU,EACV,KAAK,GAAG,IAAI,EACZ,QAAQ,GAAG,EAAE,EACb,gBAAgB,GAAG,IAAI,EACvB,oBAAoB,GAAG,EAAE,EACL;QACpB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC;QAC1C,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,IAAA,eAAQ,EAAC,GAAG,MAAM,IAAI,SAAS,CAAC,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC;QACrE,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;QACzC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,oBAAoB,GAAG,oBAAoB,CAAC;IACnD,CAAC;IAEO,2BAA2B,CACjC,iBAAwC;QAExC,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,iBAAiB,GAAG,IAAI,CAAC,0BAA0B,EAAE,CAAC;QAE5D,yCAAyC;QACzC,OAAO,iBAAiB,CAAC,MAAM,GAAG,CAAC;YACjC,CAAC,CAAC,iBAAiB;YACnB,CAAC,CAAC;gBACE,4BAAmB,CAAC,IAAI;gBACxB,4BAAmB,CAAC,KAAK;gBACzB,4BAAmB,CAAC,QAAQ;aAC7B,CAAC;IACR,CAAC;IAEO,0BAA0B;QAChC,MAAM,SAAS,GAA0B,EAAE,CAAC;QAE5C,MAAM,OAAO,GACX,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;YAC9B,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,mBAAU,CAAC,GAAG;YACrC,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,mBAAU,CAAC,IAAI,CAAC;QAEzC,IAAI,OAAO,EAAE,CAAC;YACZ,SAAS,CAAC,IAAI,CAAC,4BAAmB,CAAC,IAAI,CAAC,CAAC;QAC3C,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACtB,SAAS,CAAC,IAAI,CAAC,4BAAmB,CAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC,4BAAmB,CAAC,QAAQ,CAAC,CAAC;QAC/C,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;CACF;AAhKD,oCAgKC"}
package/src/models/ScanConfig.d.ts CHANGED
@@ -1,10 +1,9 @@
1
- import { TestType } from './TestType';
2
1
  import { AttackParamLocation } from './AttackParamLocation';
3
2
  export interface ScanConfig {
4
3
  name: string;
5
4
  projectId: string;
6
5
  entryPointIds: string[];
7
- tests?: TestType[];
6
+ tests?: string[];
8
7
  poolSize?: number;
9
8
  attackParamLocations?: AttackParamLocation[];
10
9
  repeaters?: string[];
package/src/models/index.d.ts CHANGED
@@ -1,7 +1,6 @@
1
1
  export * from './AttackParamLocation';
2
2
  export * from './Severity';
3
3
  export * from './ScanStatus';
4
- export * from './TestType';
5
4
  export * from './Issue';
6
5
  export * from './IssueGroup';
7
6
  export * from './ScanState';
package/src/models/index.js CHANGED
@@ -4,7 +4,6 @@ const tslib_1 = require("tslib");
4
4
  tslib_1.__exportStar(require("./AttackParamLocation"), exports);
5
5
  tslib_1.__exportStar(require("./Severity"), exports);
6
6
  tslib_1.__exportStar(require("./ScanStatus"), exports);
7
- tslib_1.__exportStar(require("./TestType"), exports);
8
7
  tslib_1.__exportStar(require("./Issue"), exports);
9
8
  tslib_1.__exportStar(require("./IssueGroup"), exports);
10
9
  tslib_1.__exportStar(require("./ScanState"), exports);
package/src/models/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/scan/src/models/index.ts"],"names":[],"mappings":";;;AAAA,gEAAsC;AACtC,qDAA2B;AAC3B,uDAA6B;AAC7B,qDAA2B;AAC3B,kDAAwB;AACxB,uDAA6B;AAC7B,sDAA4B;AAC5B,uDAA6B;AAC7B,uDAA6B"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/scan/src/models/index.ts"],"names":[],"mappings":";;;AAAA,gEAAsC;AACtC,qDAA2B;AAC3B,uDAA6B;AAC7B,kDAAwB;AACxB,uDAA6B;AAC7B,sDAA4B;AAC5B,uDAA6B;AAC7B,uDAA6B"}
package/src/target/Target.d.ts CHANGED
@@ -24,6 +24,7 @@ export declare class Target implements TargetOptions {
24
24
  get queryString(): string;
25
25
  get query(): QueryParamsType;
26
26
  private set query(value);
27
+ get fragment(): string;
27
28
  private _parsedHeaders;
28
29
  private _headers?;
29
30
  get headers(): HeadersType;
package/src/target/Target.js CHANGED
@@ -47,6 +47,9 @@ class Target {
47
47
  this._parsedURL.search = this.queryString;
48
48
  this._cachedUrl = undefined;
49
49
  }
50
+ get fragment() {
51
+ return this._parsedURL.hash;
52
+ }
50
53
  get headers() {
51
54
  if (this._headers) {
52
55
  return this._headers;
@@ -68,6 +71,10 @@ class Target {
68
71
  return this._body;
69
72
  }
70
73
  set body(value) {
74
+ if (value !== undefined &&
75
+ (this.method === models_1.HttpMethod.GET || this.method === models_1.HttpMethod.HEAD)) {
76
+ throw new Error('Cannot set body for GET or HEAD requests');
77
+ }
71
78
  this._body = value;
72
79
  if (value !== undefined) {
73
80
  const contentType = this._parsedHeaders.get('content-type');
package/src/target/Target.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Target.js","sourceRoot":"","sources":["../../../../../packages/scan/src/target/Target.ts"],"names":[],"mappings":";;;AAAA,sCAAqD;AACrD,iCAAwC;AAGxC,wCAA6C;AAC7C,+BAAgC;AAmBhC,MAAa,MAAM;IAGjB,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAID,IAAI,GAAG;QACL,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAED,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED,IAAY,GAAG,CAAC,KAAa;QAC3B,IAAI,CAAC,UAAU,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAY,EAAC,KAAK,CAAC,CAAC,CAAC;QAC/C,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;QACxB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;IAChC,CAAC;IAID,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED,IAAY,MAAM,CAAC,KAAiB;QAClC,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;IACvB,CAAC;IAKD,IAAI,WAAW;QACb,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;YACrD,IAAI,CAAC,YAAY;gBACf,OAAO,MAAM,KAAK,QAAQ;oBACxB,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC;oBAC7B,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;QAED,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED,IAAI,KAAK;;QACP,OAAO,MAAA,IAAI,CAAC,MAAM,mCAAI,EAAE,CAAC;IAC3B,CAAC;IAED,IAAY,KAAK,CAAC,WAA4B;QAC5C,IAAI,CAAC,MAAM,GAAG,WAAW,CAAC;QAC1B,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC;QAC1C,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;IAC9B,CAAC;IAKD,IAAI,OAAO;QACT,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACjE,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAExD,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED,IAAY,OAAO,CAAC,KAAkB;QACpC,IAAI,CAAC,cAAc,GAAG,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAKD,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,IAAY,IAAI,CAAC,KAA2B;QAC1C,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC5D,MAAM,EAAE,OAAO,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,IAAI,eAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAEjE,IAAI,CAAC,WAAW,GAAG,IAAI,WAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAID,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED,YAAY,EACV,GAAG,EACH,IAAI,EACJ,KAAK,EACL,OAAO,GAAG,EAAE,EACZ,cAAc,EACd,MAAM,GAAG,mBAAU,CAAC,GAAG,EACT;QAmBC,0BAAqB,GAAG,CAAC,MAAuB,EAAU,EAAE,CAC3E,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAnBvC,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,MAAM,GAAG,IAAA,qBAAY,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,mBAAU,CAAC,GAAG,CAAC;QAC7D,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,eAAe,GAAG,cAAc,aAAd,cAAc,cAAd,cAAc,GAAI,IAAI,CAAC,qBAAqB,CAAC;QAEpE,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACnB,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACrB,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,IAAI;;QACf,OAAO,MAAA,IAAI,CAAC,WAAW,0CAAE,IAAI,EAAE,CAAC;IAClC,CAAC;CAIF;AAxID,wBAwIC"}
1
+ {"version":3,"file":"Target.js","sourceRoot":"","sources":["../../../../../packages/scan/src/target/Target.ts"],"names":[],"mappings":";;;AAAA,sCAAqD;AACrD,iCAAwC;AAGxC,wCAA6C;AAC7C,+BAAgC;AAmBhC,MAAa,MAAM;IAGjB,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAID,IAAI,GAAG;QACL,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAED,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED,IAAY,GAAG,CAAC,KAAa;QAC3B,IAAI,CAAC,UAAU,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAY,EAAC,KAAK,CAAC,CAAC,CAAC;QAC/C,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;QACxB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;IAChC,CAAC;IAID,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED,IAAY,MAAM,CAAC,KAAiB;QAClC,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;IACvB,CAAC;IAKD,IAAI,WAAW;QACb,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;YACrD,IAAI,CAAC,YAAY;gBACf,OAAO,MAAM,KAAK,QAAQ;oBACxB,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC;oBAC7B,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;QAED,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED,IAAI,KAAK;;QACP,OAAO,MAAA,IAAI,CAAC,MAAM,mCAAI,EAAE,CAAC;IAC3B,CAAC;IAED,IAAY,KAAK,CAAC,WAA4B;QAC5C,IAAI,CAAC,MAAM,GAAG,WAAW,CAAC;QAC1B,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC;QAC1C,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;IAC9B,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;IAC9B,CAAC;IAKD,IAAI,OAAO;QACT,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACjE,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAExD,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED,IAAY,OAAO,CAAC,KAAkB;QACpC,IAAI,CAAC,cAAc,GAAG,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAKD,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,IAAY,IAAI,CAAC,KAA2B;QAC1C,IACE,KAAK,KAAK,SAAS;YACnB,CAAC,IAAI,CAAC,MAAM,KAAK,mBAAU,CAAC,GAAG,IAAI,IAAI,CAAC,MAAM,KAAK,mBAAU,CAAC,IAAI,CAAC,EACnE,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QAEnB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC5D,MAAM,EAAE,OAAO,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,IAAI,eAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAEjE,IAAI,CAAC,WAAW,GAAG,IAAI,WAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAID,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED,YAAY,EACV,GAAG,EACH,IAAI,EACJ,KAAK,EACL,OAAO,GAAG,EAAE,EACZ,cAAc,EACd,MAAM,GAAG,mBAAU,CAAC,GAAG,EACT;QAmBC,0BAAqB,GAAG,CAAC,MAAuB,EAAU,EAAE,CAC3E,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAnBvC,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,MAAM,GAAG,IAAA,qBAAY,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,mBAAU,CAAC,GAAG,CAAC;QAC7D,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,eAAe,GAAG,cAAc,aAAd,cAAc,cAAd,cAAc,GAAI,IAAI,CAAC,qBAAqB,CAAC;QAEpE,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACnB,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACrB,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,IAAI;;QACf,OAAO,MAAA,IAAI,CAAC,WAAW,0CAAE,IAAI,EAAE,CAAC;IAClC,CAAC;CAIF;AApJD,wBAoJC"}
package/src/models/TestType.d.ts DELETED
@@ -1,45 +0,0 @@
1
- export declare enum TestType {
2
- AMAZON_S3_TAKEOVER = "amazon_s3_takeover",
3
- BROKEN_OBJECT_PROPERTY_LEVEL_AUTHORIZATION = "bopla",
4
- BROKEN_ACCESS_CONTROL = "broken_access_control",
5
- BROKEN_SAML_AUTHENTICATION = "broken_saml_auth",
6
- BROKEN_JWT_AUTHENTICATION = "jwt",
7
- BRUTE_FORCE_LOGIN = "brute_force_login",
8
- BUSINESS_CONSTRAINT_BYPASS = "business_constraint_bypass",
9
- COOKIE_SECURITY = "cookie_security",
10
- CROSS_SITE_REQUEST_FORGERY = "csrf",
11
- CSS_INJECTION = "css_injection",
12
- DATE_MANIPULATION = "date_manipulation",
13
- EMAIL_INJECTION = "email_injection",
14
- EXCESSIVE_DATA_EXPOSURE = "excessive_data_exposure",
15
- FILE_UPLOAD = "file_upload",
16
- FULL_PATH_DISCLOSURE = "full_path_disclosure",
17
- GRAPHQL_INTROSPECTION = "graphql_introspection",
18
- HTML_INJECTION = "html_injection",
19
- HTTP_METHOD_FUZZING = "http_method_fuzzing",
20
- ID_ENUMERATION = "id_enumeration",
21
- IFRAME_INJECTION = "iframe_injection",
22
- IMPROPER_ASSET_MANAGEMENT = "improper_asset_management",
23
- INSECURE_OUTPUT_HANDLING = "insecure_output_handling",
24
- LDAP_INJECTION = "ldapi",
25
- LOCAL_FILE_INCLUSION = "lfi",
26
- MASS_ASSIGNMENT = "mass_assignment",
27
- MONGODB_INJECTION = "nosql",
28
- OPEN_CLOUD_STORAGE = "open_cloud_storage",
29
- EXPOSED_DATABASE_DETAILS = "open_database",
30
- OS_COMMAND_INJECTION = "osi",
31
- PASSWORD_RESET_POISONING = "password_reset_poisoning",
32
- PROMPT_INJECTION = "prompt_injection",
33
- JS_PROTOTYPE_POLLUTION = "proto_pollution",
34
- REMOTE_FILE_INCLUSION = "rfi",
35
- SQL_INJECTION = "sqli",
36
- SECRET_TOKENS_LEAK = "secret_tokens",
37
- SERVER_SIDE_JS_INJECTION = "server_side_js_injection",
38
- SERVER_SIDE_REQUEST_FORGERY = "ssrf",
39
- SERVER_SIDE_TEMPLATE_INJECTION = "ssti",
40
- STORED_CROSS_SITE_SCRIPTING = "stored_xss",
41
- UNVALIDATED_REDIRECT = "unvalidated_redirect",
42
- XPATH_INJECTION = "xpathi",
43
- XML_EXTERNAL_ENTITY_INJECTION = "xxe",
44
- CROSS_SITE_SCRIPTING = "xss"
45
- }
package/src/models/TestType.js DELETED
@@ -1,50 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.TestType = void 0;
4
- var TestType;
5
- (function (TestType) {
6
- TestType["AMAZON_S3_TAKEOVER"] = "amazon_s3_takeover";
7
- TestType["BROKEN_OBJECT_PROPERTY_LEVEL_AUTHORIZATION"] = "bopla";
8
- TestType["BROKEN_ACCESS_CONTROL"] = "broken_access_control";
9
- TestType["BROKEN_SAML_AUTHENTICATION"] = "broken_saml_auth";
10
- TestType["BROKEN_JWT_AUTHENTICATION"] = "jwt";
11
- TestType["BRUTE_FORCE_LOGIN"] = "brute_force_login";
12
- TestType["BUSINESS_CONSTRAINT_BYPASS"] = "business_constraint_bypass";
13
- TestType["COOKIE_SECURITY"] = "cookie_security";
14
- TestType["CROSS_SITE_REQUEST_FORGERY"] = "csrf";
15
- TestType["CSS_INJECTION"] = "css_injection";
16
- TestType["DATE_MANIPULATION"] = "date_manipulation";
17
- TestType["EMAIL_INJECTION"] = "email_injection";
18
- TestType["EXCESSIVE_DATA_EXPOSURE"] = "excessive_data_exposure";
19
- TestType["FILE_UPLOAD"] = "file_upload";
20
- TestType["FULL_PATH_DISCLOSURE"] = "full_path_disclosure";
21
- TestType["GRAPHQL_INTROSPECTION"] = "graphql_introspection";
22
- TestType["HTML_INJECTION"] = "html_injection";
23
- TestType["HTTP_METHOD_FUZZING"] = "http_method_fuzzing";
24
- TestType["ID_ENUMERATION"] = "id_enumeration";
25
- TestType["IFRAME_INJECTION"] = "iframe_injection";
26
- TestType["IMPROPER_ASSET_MANAGEMENT"] = "improper_asset_management";
27
- TestType["INSECURE_OUTPUT_HANDLING"] = "insecure_output_handling";
28
- TestType["LDAP_INJECTION"] = "ldapi";
29
- TestType["LOCAL_FILE_INCLUSION"] = "lfi";
30
- TestType["MASS_ASSIGNMENT"] = "mass_assignment";
31
- TestType["MONGODB_INJECTION"] = "nosql";
32
- TestType["OPEN_CLOUD_STORAGE"] = "open_cloud_storage";
33
- TestType["EXPOSED_DATABASE_DETAILS"] = "open_database";
34
- TestType["OS_COMMAND_INJECTION"] = "osi";
35
- TestType["PASSWORD_RESET_POISONING"] = "password_reset_poisoning";
36
- TestType["PROMPT_INJECTION"] = "prompt_injection";
37
- TestType["JS_PROTOTYPE_POLLUTION"] = "proto_pollution";
38
- TestType["REMOTE_FILE_INCLUSION"] = "rfi";
39
- TestType["SQL_INJECTION"] = "sqli";
40
- TestType["SECRET_TOKENS_LEAK"] = "secret_tokens";
41
- TestType["SERVER_SIDE_JS_INJECTION"] = "server_side_js_injection";
42
- TestType["SERVER_SIDE_REQUEST_FORGERY"] = "ssrf";
43
- TestType["SERVER_SIDE_TEMPLATE_INJECTION"] = "ssti";
44
- TestType["STORED_CROSS_SITE_SCRIPTING"] = "stored_xss";
45
- TestType["UNVALIDATED_REDIRECT"] = "unvalidated_redirect";
46
- TestType["XPATH_INJECTION"] = "xpathi";
47
- TestType["XML_EXTERNAL_ENTITY_INJECTION"] = "xxe";
48
- TestType["CROSS_SITE_SCRIPTING"] = "xss";
49
- })(TestType || (exports.TestType = TestType = {}));
50
- //# sourceMappingURL=TestType.js.map
package/src/models/TestType.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"TestType.js","sourceRoot":"","sources":["../../../../../packages/scan/src/models/TestType.ts"],"names":[],"mappings":";;;AAAA,IAAY,QA4CX;AA5CD,WAAY,QAAQ;IAClB,qDAAyC,CAAA;IACzC,gEAAoD,CAAA;IACpD,2DAA+C,CAAA;IAC/C,2DAA+C,CAAA;IAC/C,6CAAiC,CAAA;IACjC,mDAAuC,CAAA;IACvC,qEAAyD,CAAA;IACzD,+CAAmC,CAAA;IACnC,+CAAmC,CAAA;IACnC,2CAA+B,CAAA;IAC/B,mDAAuC,CAAA;IACvC,+CAAmC,CAAA;IACnC,+DAAmD,CAAA;IACnD,uCAA2B,CAAA;IAC3B,yDAA6C,CAAA;IAC7C,2DAA+C,CAAA;IAC/C,6CAAiC,CAAA;IACjC,uDAA2C,CAAA;IAC3C,6CAAiC,CAAA;IACjC,iDAAqC,CAAA;IACrC,mEAAuD,CAAA;IACvD,iEAAqD,CAAA;IACrD,oCAAwB,CAAA;IACxB,wCAA4B,CAAA;IAC5B,+CAAmC,CAAA;IACnC,uCAA2B,CAAA;IAC3B,qDAAyC,CAAA;IACzC,sDAA0C,CAAA;IAC1C,wCAA4B,CAAA;IAC5B,iEAAqD,CAAA;IACrD,iDAAqC,CAAA;IACrC,sDAA0C,CAAA;IAC1C,yCAA6B,CAAA;IAC7B,kCAAsB,CAAA;IACtB,gDAAoC,CAAA;IACpC,iEAAqD,CAAA;IACrD,gDAAoC,CAAA;IACpC,mDAAuC,CAAA;IACvC,sDAA0C,CAAA;IAC1C,yDAA6C,CAAA;IAC7C,sCAA0B,CAAA;IAC1B,iDAAqC,CAAA;IACrC,wCAA4B,CAAA;AAC9B,CAAC,EA5CW,QAAQ,wBAAR,QAAQ,QA4CnB"}